How Tines enhances security analysis with Amazon Quick Suite
New integration lets AI agents query security tools via the Model Context Protocol (MCP) for automated threat response.
Amazon Web Services and workflow automation platform Tines have announced a deep integration that brings AI-powered security analysis and automated response into Amazon QuickSight. The connection uses the emerging Model Context Protocol (MCP), a standard for how AI assistants communicate with external tools. Tines acts as an MCP server builder, exposing capabilities from security applications like Okta, VirusTotal, and AWS CloudTrail as tools that AI agents within QuickSight can call. This enables security teams to construct automated investigation workflows where multiple AI assistants collaborate, pulling data from disparate systems to answer complex security questions in natural language, visualize threats, and initiate approved remediation steps without writing custom integration code.
Technically, the integration solves the problem of siloed security data by providing a simple, governed layer between QuickSight's AI agents and internal tools. Analysts can ask questions like 'Show all login attempts from high-risk countries in the last 24 hours' and receive visualized insights including geographic mapping of attacks, user activity timelines, and correlation between compromised accounts and systems. The system can then, after analyst approval, execute actions like blocking a suspicious IP in CrowdStrike. This pattern significantly shortens mean time to detection and response (MTTD/MTTR) by automating the manual correlation of logs and data across multiple consoles, turning insights into actions within a single, auditable platform.
- Uses Model Context Protocol (MCP) to let QuickSight's AI agents directly query tools like Okta, VirusTotal, and AWS CloudTrail.
- Enables natural language investigation (e.g., 'show logins from high-risk countries') with visual outputs like attack maps and timelines.
- Automates remediation workflows (e.g., blocking IPs in CrowdStrike) after analyst approval, with full audit trails in Tines.
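A minimal sketch of the approval gate described above, added here as an illustration and not Tines or AWS code: it inspects MCP `tools/call` requests, lets read-only lookups through, forwards a remediation call only when an analyst approved that exact tool and argument set, and records every decision. The tool names, the approval store and the audit record layout are assumptions.

```python
import json

# Hypothetical tool identifiers; the page names the products, not the tool names.
READ_ONLY = {"okta_list_logins", "virustotal_lookup_ip", "cloudtrail_lookup_events"}
REMEDIATION = {"crowdstrike_block_ip"}


def canonical(args):
    """Stable serialization so an approval binds to the exact arguments."""
    return json.dumps(args, sort_keys=True, separators=(",", ":"))


def call(rid, tool, **args):
    """Build a constructed MCP tools/call request (JSON-RPC 2.0)."""
    return {"jsonrpc": "2.0", "id": rid, "method": "tools/call",
            "params": {"name": tool, "arguments": args}}


def gate(request, approvals, audit):
    """Return True if the request may be forwarded to the tool.

    approvals: dict mapping (tool, canonical(args)) -> approving analyst.
    audit: list that receives one record per decision, allowed or denied.
    """
    params = request.get("params") or {}
    tool, args = params.get("name"), params.get("arguments") or {}
    approver = None
    if request.get("method") != "tools/call" or not isinstance(tool, str):
        decision = "deny:bad_request"
    elif tool in READ_ONLY:
        decision = "allow"
    elif tool in REMEDIATION:
        # The approval must match tool and arguments, not just the tool,
        # so an approved block of one IP cannot be reused for another.
        approver = approvals.get((tool, canonical(args)))
        decision = "allow" if approver else "deny:approval_required"
    else:
        decision = "deny:unknown_tool"  # default deny for anything unlisted
    audit.append({"id": request.get("id"), "tool": tool, "args": args,
                  "decision": decision, "approver": approver})
    return decision == "allow"
```

Binding the approval to the serialized arguments is what keeps the agent from widening an approved action after the analyst has signed off.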
Why It Matters
Dramatically reduces security investigation time by automating data correlation and enabling AI-driven, natural language threat hunting and response.